CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6665 matches found

Exploit DB•added 2011/06/15 12:0 a.m.•20 views

miniblog 1.0 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/48281/info miniblog is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

Symantec•added 2011/06/14 12:0 a.m.•19 views

Microsoft Internet Explorer DOM Handling Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...

0.1AI score

Exploits0Affected Software6

Exploit DB•added 2011/06/14 12:0 a.m.•18 views

vBTube 1.2.9 - 'vBTube.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/48280/info vBTube is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7.4AI score

Exploits0

Symantec•added 2011/06/14 12:0 a.m.•23 views

Microsoft Internet Explorer Drag and Drop Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access content from another domain or security zone. This may allow the attacker to obtain sensitive information that may aid in further attacks...

7AI score

Exploits0Affected Software6

OpenVAS•added 2011/06/13 12:0 a.m.•17 views

Adobe Products Unspecified Cross-Site Scripting Vulnerability (Jun 2011) - Windows

Adobe Flash Player, Adobe Reader or Acrobat is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

4.3CVSS8.1AI score0.01077EPSS

Exploits1References2

OpenVAS•added 2011/06/09 12:0 a.m.•9 views

Silex 'sitemap.php' Cross Site Scripting Vulnerability

Silex is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to stea...

7AI score

Exploits0References2

Exploit DB•added 2011/06/07 12:0 a.m.•19 views

Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/48132/info BLOG:CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...

7AI score

Exploits0

htbridge•added 2011/06/07 12:0 a.m.•19 views

Cross-site Scripting Vulnerabilities in Open-Realty

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Open-Realty, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting vulnerabilities in Open-Realty 1.1 Input passed via the "name", "email", "friendemail", "subject", "message" POS...

4.3CVSS6.9AI score

Exploits0Affected Software1

htbridge•added 2011/06/07 12:0 a.m.•40 views

Cross-site Scripting (XSS) Vulnerability in FlatPress

High-Tech Bridge SA Security Research Lab has discovered vulnerability in FlatPress which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in FlatPress The vulnerability exists due to input sanitation error in the "name", "email" and "url"...

4.3CVSS6AI score

Exploits0Affected Software1

OpenVAS•added 2011/06/07 12:0 a.m.•26 views

Icinga 'expand' Parameter XSS Vulnerability

Icinga is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:icinga:icinga";...

4.3CVSS5.7AI score0.30062EPSS

Exploits1References4

exploitpack•added 2011/06/07 12:0 a.m.•14 views

Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities

Blog:CMS 4.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/48132/info BLOG:CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrar...

0.1AI score

Exploits0

Exploit DB•added 2011/06/06 12:0 a.m.•29 views

Squiz Matrix 4 - 'colour_picker.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48118/info Squiz Matrix is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the conte...

7.4AI score

Exploits0

Tenable Nessus•added 2011/06/06 12:0 a.m.•30 views

Flash Player < 10.3.181.22 XSS (APSB11-13)

An unspecified cross-site scripting vulnerability exists in versions of Flash Player earlier than 10.3.181.22 10.3.181.23 for ActiveX. An attacker may be able to leverage this issue to inject and execute arbitrary HTML and script code in a user's browser. %NASLMINLEVEL 70300 C Tenable Network...

4.3CVSS5.2AI score0.01077EPSS

Exploits1References2

Exploit DB•added 2011/06/06 12:0 a.m.•19 views

Multiple WordPress WooThemes Themes - 'test.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48110/info Multiple WordPress WooThemes Live Wire are prone to a cross-site scripting vulnerability because they fail to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

7.4AI score

Exploits0

Exploit DB•added 2011/06/06 12:0 a.m.•23 views

Nakid CMS 1.0.2 - 'CKEditorFuncNum' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48109/info Nakid CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...

7.4AI score

Exploits0

Exploit DB•added 2011/06/06 12:0 a.m.•24 views

vBulletin vBExperience 3 - 'sortorder' Cross-Site Scripting

source: https://www.securityfocus.com/bid/48106/info vBulletin vBExperience is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in...

7.4AI score

Exploits0

exploitpack•added 2011/06/06 12:0 a.m.•13 views

Nakid CMS 1.0.2 - CKEditorFuncNum Cross-Site Scripting

Nakid CMS 1.0.2 - CKEditorFuncNum Cross-Site Scripting source: https://www.securityfocus.com/bid/48109/info Nakid CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code...

6.8AI score

Exploits0

exploitpack•added 2011/06/06 12:0 a.m.•12 views

vBulletin vBExperience 3 - sortorder Cross-Site Scripting

vBulletin vBExperience 3 - sortorder Cross-Site Scripting source: https://www.securityfocus.com/bid/48106/info vBulletin vBExperience is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...

0.3AI score

Exploits0

OpenVAS•added 2011/06/03 12:0 a.m.•22 views

allocPSA 'login/login.php' Cross Site Scripting Vulnerability

allocPSA is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to...

7AI score

Exploits0References3

OpenVAS•added 2011/06/02 12:0 a.m.•20 views

MediaWiki < 1.16.5 XSS Vulnerability - Active Check

MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.3CVSS5.7AI score0.00329EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by